Critical WordPress plugin bug lets hackers take over hosting account

[ad_1]

Critical WordPress plugin bug lets hackers take over hosting account

Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites.

wpDiscuz is a WordPress plugin marketed as an alternative to Disqus and Jetpack Comments that provides an Ajax real-time comment system that will store comments within a local database.

The plugin comes with support for multiple comment layouts, inline commenting and feedback, as well as a post rating system and multi-level (nested) comment threads.

Arbitrary file upload bug…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *